PT-2023-2733 · Linux+7 · Linux Kernel+7

Maxpl0It

·

Publicado

2023-05-04

·

Atualizado

2024-04-15

·

CVE-2023-2156

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. The vulnerability is related to the incorrect calculation of the packet header size in the ipv6 rpl segdata pos() function in the net/ipv6/rpl.c module. The issue can be exploited by sending specially crafted IPv6 packets, potentially leading to a system crash.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Assertion Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-617CWE-131

Identificadores relacionados

ALT-PU-2023-8461
ALT-PU-2024-4263
ALT-PU-2024-4843
BDU:2023-02580
CVE-2023-2156
DLA-3512-1
DSA-5448-1
DSA-5453-1
MGASA-2023-0201
MGASA-2023-0202
OPENSUSE-SU-2023_2646-1
OPENSUSE-SU-2023_2871-1
OPENSUSE-SU-2023_3302-1
OPENSUSE-SU-2023_3311-1
OPENSUSE-SU-2023_3313-1
OPENSUSE-SU-2023_3318-1
OPENSUSE-SU-2023_3376-1
OPENSUSE-SU-2023_3377-1
OPENSUSE-SU-2023_3391-1
OPENSUSE-SU-2023_3630-1
OPENSUSE-SU-2023_3644-1
OPENSUSE-SU-2023_3647-1
OPENSUSE-SU-2023_3648-1
OPENSUSE-SU-2023_3653-1
OPENSUSE-SU-2023_3657-1
OPENSUSE-SU-2023_3658-1
OPENSUSE-SU-2023_3659-1
OPENSUSE-SU-2023_3671-1
OPENSUSE-SU-2023_3676-1
RHSA-2023:6583
RHSA-2023_6583
ROSA-SA-2023-2189
SUSE-SU-2023:2500-1
SUSE-SU-2023:2502-1
SUSE-SU-2023:2611-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2653-1
SUSE-SU-2023:2782-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:2871-1
SUSE-SU-2023:3302-1
SUSE-SU-2023:3311-1
SUSE-SU-2023:3313-1
SUSE-SU-2023:3318-1
SUSE-SU-2023:3376-1
SUSE-SU-2023:3377-1
SUSE-SU-2023:3391-1
SUSE-SU-2023:3421-1
SUSE-SU-2023:3594-1
SUSE-SU-2023:3595-1
SUSE-SU-2023:3607-1
SUSE-SU-2023:3623-1
SUSE-SU-2023:3627-1
SUSE-SU-2023:3628-1
SUSE-SU-2023:3630-1
SUSE-SU-2023:3631-1
SUSE-SU-2023:3632-1
SUSE-SU-2023:3644-1
SUSE-SU-2023:3647-1
SUSE-SU-2023:3648-1
SUSE-SU-2023:3653-1
SUSE-SU-2023:3657-1
SUSE-SU-2023:3658-1
SUSE-SU-2023:3659-1
SUSE-SU-2023:3668-1
SUSE-SU-2023:3671-1
SUSE-SU-2023:3675-1
SUSE-SU-2023:3676-1
SUSE-SU-2023:3677-1
USN-6173-1
USN-6412-1
USN-6416-1
USN-6416-2
USN-6416-3
USN-6445-1
USN-6445-2
USN-6466-1
ZDI-23-547

Produtos afetados

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu